/*
 * Copyright 2013 Alibaba.com All right reserved. This software is the
 * confidential and proprietary information of Alibaba.com ("Confidential
 * Information"). You shall not disclose such Confidential Information and shall
 * use it only in accordance with the terms of the license agreement you entered
 * into with Alibaba.com.
 */
package com.madding.shared.encrypt.cert.bc.main;

import static com.madding.shared.encrypt.cert.gen.BCCertGenerator.getIns;

import java.security.KeyPair;
import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.Map;

import org.bouncycastle.jce.X509Principal;

import com.madding.shared.encrypt.cert.bc.CertFilePersistence;
import com.madding.shared.encrypt.cert.bc.loader.CaCertLoader;
import com.madding.shared.encrypt.cert.bc.util.KeyPairUtil;
import com.madding.shared.encrypt.cert.bc.util.X509PrincipalUtil;
import com.madding.shared.encrypt.cert.constant.ExtensionsOIDConstants;

/**
 * 类AlilangClientUserCreator.java的实现描述：TODO 类实现描述
 * 
 * @author madding.lip Dec 6, 2013 9:23:41 PM
 */
public class AlilangClientUserCreator {

    public static void main(String[] args) throws Exception {
        // create alilang client user
        String file = "/home/madding/output/alilang_client_35741";
        String subjectAltName = "alilang_client_35741";
        String cn = subjectAltName;
        String email = "alilang_client_35741@alibaba-inc.com";
        String title = "35741|xxxxxxxxxxxxxxxxxxxxxxxx|xxxxxxxxxxxx_xxxxxxxxxxxx";
        X509Principal subject = X509PrincipalUtil.createClientUserPrincipal(cn, email, title);

        Map<String, String> exts = new HashMap<String, String>();
        exts.put(ExtensionsOIDConstants.EXT_OSLOGINAME_OID, "os_loginname");
        exts.put(ExtensionsOIDConstants.EXT_OSTYPE_OID, "os_type");
        
        KeyPair cCaKeyPair = CaCertLoader.getClientCaKeyPair();
        KeyPair keyPair = KeyPairUtil.generateRSAKeyPair();

        Certificate cUserCert = getIns().createClientUserCert(subjectAltName, subject, exts, keyPair.getPublic(), cCaKeyPair);
        Certificate[] clientUserChain = new Certificate[3];
        clientUserChain[2] = CaCertLoader.getCaCrt();
        clientUserChain[1] = CaCertLoader.getClientCaCrt();
        clientUserChain[0] = cUserCert;
        CertFilePersistence.storeCertFile(subjectAltName, clientUserChain, keyPair, file);
        System.out.println("end....");
    }
}
